DOCSLIB.ORG

Cisco Identity Services Engine Administrator Guide, Release 1.4.1 First Published: April 04, 2016 Last Modified: July 01, 2016

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cisco Identity Services Engine Administrator Guide, Release 1.4.1 First Published: April 04, 2016 Last Modified: July 01, 2016 Cisco Identity Services Engine Administrator Guide, Release 1.4.1 First Published: April 04, 2016 Last Modified: July 01, 2016 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http:// www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) © 2016 Cisco Systems, Inc. All rights reserved. CONTENTS PART I Introduction 1 CHAPTER 1 Cisco ISE Features 3 Cisco ISE Features 4 Key Functions 4 Identity-Based Network Access 4 Support for Multiple Deployment Scenarios 5 Support for UCS Hardware 5 Basic User Authentication and Authorization 5 Policy Sets 6 FIPS 140-2 Implementation 6 Support for Common Access Card Functions 7 Client Posture Assessment 7 Network Access for Guests 8 Support for Personal Devices 8 Mobile Device Manager Interoperability with Cisco ISE 8 Wireless and VPN Traffic with Inline Posture Nodes 8 Profiled Endpoints on the Network 9 Cisco pxGrid Services 9 Cisco ISE Certificate Authority 9 Support for Active Directory Multidomain Forests 9 Support for SAnet Devices 9 Support for Installation on Multiple Hardware and VMware Platforms 10 Identity Provider as an External Identity Source 10 Support for Automatic Failover for the Administration Node 10 CHAPTER 2 Navigate the Admin portal 11 Admin Portal 12 Cisco Identity Services Engine Administrator Guide, Release 1.4.1 iii Contents Cisco ISE Dashboard 13 Setup Assistant 14 Cisco ISE Licensing Impact on Setup Assistant 14 Run the Setup Assistant 14 Setup Assistant Overwrites Previous Configurations 15 Identify Policy Requirements Page in Setup Assistant 15 Configure Network Access Service Page in Setup Assistant 16 Select Network Device Types Page in Setup Assistant 18 Review and Confirm Your Choices Page in Setup Assistant 18 Filter Data on Listing Pages 18 Data Filters in Listing Pages 19 Customize the Displayed Field Attributes 19 Filter Data by Field Attributes Using the Quick Filter 19 Filter Data by Conditions Using the Advanced Filter 20 Create Custom Filters 20 Cisco ISE Internationalization and Localization 20 Supported Languages 20 End-User Web Portal Localization 21 Support for UTF-8 Character Data Entry 22 UTF-8 Credential Authentication 22 UTF-8 Policies and Posture Assessment 22 Cisco NAC and MAC Agent UTF-8 Support 22 UTF-8 Support for Messages Sent to Supplicant 23 Reports and Alerts UTF-8 Support 23 UTF-8 Character Support in the Portals 23 UTF-8 Support Outside the User Interface 26 Support for Importing and Exporting UTF-8 Values 26 UTF-8 Support on REST 26 UTF-8 Support for Identity Stores Authorization Data 27 MAC Address Normalization 27 Admin Features Limited by Role-Based Access Control Policies 27 PART II Deploy Cisco ISE Nodes 29 CHAPTER 3 Set Up Cisco ISE in a Distributed Environment 31 Cisco Identity Services Engine Administrator Guide, Release 1.4.1 iv Contents Cisco ISE Distributed Deployment 32 Cisco ISE Deployment Terminology 32 Personas in Distributed Cisco ISE Deployments 32 Administration Node 33 High Availability in Administration Nodes 33 High-Availability Health Check Nodes 35 Health Probe by Health Check Nodes 35 Startup of Health Check Node 35 Shutdown of Health Check Node 36 Restart of Health Check Node 36 Health Check of the Primary Administration Node 36 Automatic Failover of the Secondary Administration Node 36 Sample Scenarios when Automatic Failover is Avoided 37 Fallback to the Original PAN 37 Manual Promotion of the Secondary Administration Node 37 Functionalities Affected by the PAN Auto-Failover Feature 38 Policy Service Node 39 High Availability in Policy Service Nodes 39 Load Balancer To Distribute Requests Evenly Among PSNs 40 Session Failover in Policy Service Nodes 40 Number of Nodes in a Policy Service Node Group 40 Monitoring Node 40 Automatic Failover in Monitoring Nodes 41 Cisco pxGrid Services 42 pxGrid Client and Capability Management 43 Enable pxGrid Clients 43 Cisco pxGrid Live Logs 43 ISE pxGrid Identity Mapping 43 Configure Identity Mapping 44 Filter Identity Mapping 45 Active Directory Requirements to Support Identity Mapping 46 Configure Active Directory for Identity Mapping 46 Set the Windows Audit Policy 49 Set Permissions When AD User in the Domain Admin Group 49 Required Permissions When AD User Not in Domain Admin Group 50 Cisco Identity Services Engine Administrator Guide, Release 1.4.1 v Contents Permissions to Use DCOM on the Domain Controller 52 Set Permissions for Access to WMI Root/CIMv2 Name Space 54 Grant Access to the Security Event Log on the AD Domain Controller 55 Inline Posture Node 56 Inline Posture Node Installation 57 Cisco ISE Distributed Deployment 57 Cisco ISE Deployment Setup 57 Data Replication from Primary to Secondary ISE Nodes 57 Cisco ISE Node Deregistration 58 Automatic Restart of the Cisco ISE Application Server 58 Guidelines for Setting Up a Distributed Deployment 58 Menu Options Available on Primary and Secondary Nodes 59 Configure a Cisco ISE Node 60 Configure a Primary Administration Node 61 Register a Secondary Cisco ISE Node 61 Register an Inline Posture Node 63 View Nodes in a Deployment 64 Synchronize Primary and Secondary Cisco ISE Nodes 64 Create a Policy Service Node Group 64 Deploy Cisco pxGrid Services 65 Change Node Personas and Services 66 Manually Promote Secondary Administration Node To Primary 66 Configure Primary Administration Node for Automatic Failover 67 Configure Monitoring Nodes for Automatic Failover 68 Remove a Node from Deployment 69 Change the Hostname or IP Address of a Standalone Cisco ISE Node 69 Replace the Cisco ISE Appliance Hardware 70 CHAPTER 4 Set Up Inline Posture 71 Role of Inline Posture Node in a Cisco ISE Deployment 71 Inline Posture Policy Enforcement 72 Inline Posture Policy Enforcement Flow 72 Trusted and Untrusted Interfaces 74 Dedicated Nodes Required for Inline Posture 74 Standalone Inline Posture Node in a Cisco ISE Deployment 74 Cisco Identity Services Engine Administrator Guide, Release 1.4.1 vi Contents Inline Posture High Availability 74 Automatic Failover in Inline Posture Nodes 75 Inline Posture Operating Modes 75 Inline Posture Routed Mode 76 Inline Posture Bridged Mode 76 Inline Posture Maintenance Mode 77 Inline Posture High Availability in Routed and Bridged Modes 77 Best Practices for Inline Posture Deployment 78 Inline Posture Node Guidelines 79 Inline Posture Node Authorization 82 Deploy an Inline Posture Node 84 Configure an Inline Posture Node 84 Create Inline Posture Downloadable Access Control Lists 87 Create Inline Posture Node Profiles 87 Create an Inline Posture Authorization Policy 88 Configure a High-Availability Pair 89 Synchronize an Inline Posture Node 90 Configure Inline Posture Node as RADIUS Client in Administration Node 91 Remove an Inline Posture Node from Deployment 92 Health of an Inline Posture Node 92 Remote Access VPN Use Case 92 Configure an Inline Posture Node with a VPN Device 94 Collection of Inline Posture Node Logs 94 Kclick process in Inline Posture Node 95 PART III Setup Cisco ISE Management Access 97 CHAPTER 5 Administer Cisco ISE 99 Log in to Cisco ISE 99 Administrator Login Browser Support 100 Administrator Lockout
Load more

Recommended publications
  • Dropdmg 3.6.2 Manual
    DropDMG 3.6.2 Manual C-Command Software c-command.com February 16, 2021 Contents 1 Introduction 4 1.1 Feature List..............................................4 2 Installing and Updating 6 2.1 Requirements.............................................6 2.2 Installing DropDMG.........................................7 2.3 Updating From a Previous Version.................................7 2.4 Reinstalling a Fresh Copy......................................8 2.5 Uninstalling DropDMG.......................................9 2.6 Security & Privacy Access......................................9 3 Using DropDMG 13 3.1 Basics................................................. 13 3.2 Making a Bootable Device Image of a Hard Drive......................... 14 3.3 Backing Up Your Files to CD/DVD................................ 16 3.4 Burning Backups of CDs/DVDs................................... 17 3.5 Restoring Files and Disks...................................... 18 3.6 Making Images With Background Pictures............................. 19 3.7 Protecting Your Files With Encryption............................... 20 3.8 Transferring Files Securely...................................... 21 3.9 Sharing Licenses and Layouts.................................... 21 3.10 Splitting a File or Folder Into Pieces................................ 22 3.11 Creating a DropDMG Quick Action................................ 22 4 Menus 23 4.1 The DropDMG Menu........................................ 23 4.1.1 About DropDMG...................................... 23 4.1.2 Software
    [Show full text]
  • How to Disable Gatekeeper and Allow Apps from Anywhere in Macos Sierra
    How to Disable Gatekeeper and Allow Apps From Anywhere in macOS Sierra Gatekeeper, first introduced in OS X Mountain Lion, is a Mac security feature which prevents the user from launching potentially harmful applications. In macOS Sierra, however, Apple made some important changes to Gatekeeper that seemingly limit the choices of power users. But don’t worry, Gatekeeper can still be disabled in Sierra. Here’s how. Stand out at the party or promote your business with colorful powder coated and custom engraved Yeti tumblers from Perfect Etch. Traditionally, Gatekeeper offered three settings of increasing security: anywhere, App Store and identified developers, and App Store only. The first choice, as its name describes, allowed users to launch applications from any source, effectively disabling the Gatekeeper feature. The second choice allowed users to run apps from the Mac App Store as well as from software developers who have registered with Apple and securely sign their applications. Finally, the most secure setting limited users to running apps obtained from the Mac App Store only. While the secure options were good ideas for less experienced Mac users, power users found Gatekeeper to be too limiting and typically sought to disable it by setting it to “Anywhere.” In macOS Sierra, however, the “Anywhere” option is gone, leaving “App Store” and “App Store and identified developers” as the only two options. Disable Gatekeeper in macOS Sierra The Gatekeeper settings can be found in System Preferences > Security & Privacy > General. The Gatekeeper options are located beneath “All apps downloaded from:” with the choice of “Anywhere” missing. Thankfully, the “Anywhere” setting can be restored to Gatekeeper in Sierra with a Terminal command.
    [Show full text]
  • The Apple Ecosystem
    APPENDIX A The Apple Ecosystem There are a lot of applications used to manage Apple devices in one way or another. Additionally, here’s a list of tools, sorted alphabetically per category in order to remain vendor agnostic. Antivirus Solutions for scanning Macs for viruses and other malware. • AVG: Basic antivirus and spyware detection and remediation. • Avast: Centralized antivirus with a cloud console for tracking incidents and device status. • Avira: Antivirus and a browser extension. Avira Connect allows you to view device status online. • BitDefender: Antivirus and malware managed from a central console. • CarbonBlack: Antivirus and Application Control. • Cylance: Ransomware, advanced threats, fileless malware, and malicious documents in addition to standard antivirus. • Kaspersky: Antivirus with a centralized cloud dashboard to track device status. © Charles Edge and Rich Trouton 2020 707 C. Edge and R. Trouton, Apple Device Management, https://doi.org/10.1007/978-1-4842-5388-5 APPENDIX A THe AppLe ECOSYSteM • Malware Bytes: Antivirus and malware managed from a central console. • McAfee Endpoint Security: Antivirus and advanced threat management with a centralized server to track devices. • Sophos: Antivirus and malware managed from a central console. • Symantec Mobile Device Management: Antivirus and malware managed from a central console. • Trend Micro Endpoint Security: Application whitelisting, antivirus, and ransomware protection in a centralized console. • Wandera: Malicious hot-spot monitoring, jailbreak detection, web gateway for mobile threat detection that integrates with common MDM solutions. Automation Tools Scripty tools used to automate management on the Mac • AutoCasperNBI: Automates the creation of NetBoot Images (read: NBI’s) for use with Casper Imaging. • AutoDMG: Takes a macOS installer (10.10 or newer) and builds a system image suitable for deployment with Imagr, DeployStudio, LANrev, Jamf Pro, and other asr or Apple Systems Restore-based imaging tools.
    [Show full text]
  • Basics of Apple Device Security
    AN OVERVIEW FOR MAC, IPAD AND IPHONE Basics of Apple Device Security SMALL BUSINESS A well-planned cyberattack or an accidental download of 2 malware can mean the difference between a productive day and all work grinding to a halt. As hackers get more sophisticated, organizations concerned about their bottom line and security of their customer, employee or student data must stay on top of security. This guide is for anyone that has been tasked with Apple security concerns, like all IT security concerns, are real. managing Apple devices in your organization and wants to get serious about their organizational While Apple has invested a great deal in its security features security of their Apple devices, and offers basic and has rapidly become the leader in device and data privacy information for newcomers or a simple refresher for and security, no operating system is immune to security Apple management veterans. challenges. This means that administrators must not only respond quickly to security issues, but also proactively guard against them. 3 The basic building blocks Several factors work together to ensure the security of your organization’s hardware and data, and you can break them down into six main areas: Securing devices Apple native security Data encryption Keeping your physical devices Security systems already built-in The basics of encrypting data at Introduction secure and protecting those to macOS, iOS and iPadOS rest and data in transit using them to Apple Page 4 Page 7 Page 6 Security Compliance Secure monitoring Application
    [Show full text]
  • Mac Deployment Overview
    Mac Deployment Overview Overview Contents At Apple, we believe employees can do their best work when they have access to the best Overview tools and technology. All of our products are designed to enable employees to be more creative, Getting Started productive and work in new ways, whether in the office or on the go. This aligns with how Deployment Steps employees want to work in today’s world—with better access to information, frictionless Support Options collaboration and sharing, and the freedom to stay connected and work from anywhere. Summary Setting up and deploying Mac computers in today’s business environment has never been easier. With key services from Apple, in concert with a third-party mobile device management (MDM) solution, your organization can easily deploy and support macOS devices at scale. If your organization has already deployed iOS devices internally, it’s likely that most infrastructure work needed to implement macOS is already complete. Recent improvements in macOS security, management and deployment allow an organization to transition from monolithic imaging and traditional directory binding to a seamless provisioning model and deployment process that centers around each user and relies almost exclusively on tools that are built into macOS. This document provides guidance on everything you need to deploy macOS at scale, from understanding your existing infrastructure to device management and streamlined provisioning. The topics covered in this document are described in greater detail in the online macOS Deployment Reference: help.apple.com/deployment/macos/ Getting Started Building a deployment strategy and rollout plan as well as evaluating any existing macOS use by employees are important initial steps in the deployment process.
    [Show full text]
  • Mobile Device Management Protocol Reference
    Mobile Device Management Protocol Reference Developer Contents 1 About Mobile Device Management 7 At a Glance ................................................ 8 The MDM Check-in Protocol Lets a Device Contact Your Server ................... 8 The MDM Protocol Sends Management Commands to the Device .................. 8 The Way You Design Your Payload Matters .............................. 8 The Device Enrollment Program Lets You Configure Devices with the Setup Assistant ........ 8 The Volume Purchase Program Lets You Assign App Licenses to Users and Devices ......... 9 Apple Push Notification Certificates Can Be Generated Through the Apple Push Certificates Portal .. 9 See Also ................................................. 9 2 MDM Check-in Protocol 10 Structure of a Check-in Request ...................................... 10 Supported Check-in Commands ..................................... 11 Authenticate Message ........................................ 11 TokenUpdate Message ........................................ 12 CheckOut .............................................. 13 3 Mobile Device Management Protocol 14 Structure of MDM Payloads ........................................ 16 Structure of MDM Messages ....................................... 18 MDM Command Payloads ......................................... 20 MDM Result Payloads ........................................... 20 MDM Protocol Extensions ......................................... 21 macOS Extensions .......................................... 21 Network User Authentication
    [Show full text]
  • Search-Replace Tag Text V5.5 for Itunes 11+/Macos 10.12+ Find More Free Applescripts and Info on Writing Your Own at Doug's Applescripts for Itunes
    Search-Replace Tag Text v5.5 For iTunes 11+/macOS 10.12+ Find more free AppleScripts and info on writing your own at Doug's AppleScripts for iTunes. This applet performs a search-and-replace on a chosen tag (Song Name, Show, Artist, Album Artist, Album, Composer, Comments, Genre, Grouping, Movement or Work) of the selected tracks or all the tracks of the selected Playlist. For macOS 10.12 and later only. This app is free to try full-featured for 10 days. If you like it you can purchase a code for $1.99 which will unlock the 10 day trial restriction. Launch the app and click "Register…" in the its File menu to make an in-app purchase through PayPal. Installation: This script is an AppleScript applet and can be run by double-clicking its icon in the Finder. However, it is probably best accessed from the iTunes Script menu. Put AppleScripts in your iTunes "Scripts" folder. This is located at [user name] / Library / iTunes / Scripts / . The user Library directory is hidden by default. To make it visible, hold down the Option key on your keyboard and select Go > Library from the Finder. If the [user name] / Library / folder does not contain the "iTunes" or "Scripts" folders then then create them and put the script(s) in the "Scripts" folder. AppleScripts will then appear in iTunes' Script menu, and can be activated by selecting by name and clicking. Be sure to also save this Read Me document in a safe and convenient place. See the online Download FAQ for more info and video on downloading and installing AppleScripts.
    [Show full text]
  • Guide to Securing Apple OS X 10.10 Systems for IT Professionals: a NIST Security Configuration Checklist
    NIST Special Publication 800-179 Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist Lee Badger Murugiah Souppaya Mark Trapnell Eric Trapnell Dylan Yaga Karen Scarfone This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-179 C O M P U T E R S E C U R I T Y NIST Special Publication 800-179 Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist Lee Badger Murugiah Souppaya Mark Trapnell Dylan Yaga Computer Security Division Information Technology Laboratory Eric Trapnell Software and Systems Division Information Technology Laboratory Karen Scarfone Scarfone Cybersecurity Clifton, VA This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-179 December 2016 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Willie May, Under Secretary of Commerce for Standards and Technology and Director Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130.
    [Show full text]
  • Ios and Ipados Deployment Overview Introduction Introduction
    iOS and iPadOS Deployment Overview Introduction Introduction Contents iPhone and iPad can transform your business and how your Introduction employees work. They can significantly boost productivity and Ownership Models give your employees the freedom and flexibility to work in new Deployment Steps ways, whether in the office or on the go. Embracing this modern Support Options way of working leads to benefits across the entire organization. Summary Users have better access to information, so they feel empowered and are able to creatively solve problems. By supporting iOS and iPadOS, IT departments are viewed as shaping the business strategy and solving real-world problems, rather than just fixing technology and cutting costs. Ultimately everyone benefits, with an invigorated workforce and new business opportunities everywhere. Setting up and deploying iPhone and iPad throughout your business has never been easier. With Apple Business Manager and a third-party mobile device management (MDM) solution, your organization can easily deploy iOS and iPadOS devices and apps at scale. • Mobile device management allows you to configure and manage devices, and wirelessly distribute and manage apps. • Apple Business Manager automates enrollment of Apple devices into your MDM solution to streamline deployment with zero-touch configuration for IT. • Apple Business Manager lets you purchase apps and books in bulk and distribute them to users wirelessly. • Apple Business Manager also lets you create Managed Apple IDs for employees using federated authentication with Microsoft Azure AD. This document offers guidance on deploying iOS and iPadOS devices in your organization and helps you create a deployment plan that best suits your environment.
    [Show full text]
  • Session 417 Sal Soghoian Chris Nebel Product Manager Automation Technologies Senior Automation Engineer
    OS X Automation Update What’s New in Automation Session 417 Sal Soghoian Chris Nebel Product Manager Automation Technologies Senior Automation Engineer These are confidential sessions—please refrain from streaming, blogging, or taking pictures What You Will Learn What’s new in Automation? What You Will Learn What’s new in Automation? • AppleScript and Automator What You Will Learn What’s new in Automation? • AppleScript and Automator ■ Dramatic new features What You Will Learn What’s new in Automation? • AppleScript and Automator ■ Dramatic new features ■ Multicomputer file access What You Will Learn What’s new in Automation? • AppleScript and Automator ■ Dramatic new features ■ Multicomputer file access ■ Security transparency What You Will Learn What’s new in Automation? • AppleScript and Automator ■ Dramatic new features ■ Multicomputer file access ■ Security transparency ■ New OS X Integration What You Will Learn What’s new in Automation? • AppleScript and Automator ■ Dramatic new features ■ Multicomputer file access ■ Security transparency ■ New OS X Integration ■ Getting your computer to pay attention iCloud Support Documents in the Cloud iCloud iCloud iCloud iCloud iCloud Support Documents in the Cloud • Automator and AppleScript Editor • Organize script, workflow, and service collections • Search cloud and local collections by tags • Distribute items across computers iCloud Support Documents in the Cloud • Automator and AppleScript Editor • Organize script, workflow, and service collections • Search cloud and local collections
    [Show full text]
  • Designing a Resource Broker for Heterogeneous Grids
    Designing a Resource Broker for Heterogeneous Grids Srikumar Venugopal, Krishna Nadiminti, Hussein Gibbins and Rajkumar Buyya Grid Computing and Distributed Systems Laboratory Dept. of Computer Science and Software Engineering The University of Melbourne, Australia {srikumar, kna, hag, raj}@csse.unimelb.edu.au Abstract: Grids provide uniform access to aggregations of heterogeneous resources and services such as computers, networks and storage owned by multiple organizations. However, such a dynamic environment poses many challenges for application composition and deployment. In this paper, we present the design of the Gridbus Grid resource broker that allows users to create applications and specify different objectives through different interfaces without having to deal with the complexity of Grid infrastructure. We present the unique requirements that motivated our design and discuss how these provide flexibility in extending the functionality of the broker to support different low-level middlewares and user interfaces. We evaluate the broker with different job profiles and Grid middleware and conclude with the lessons learnt from our development experience. Keywords: grid computing, software design, resource broker, extensibility, heterogeneous systems. 1 Introduction Grids [1] enable collaboration via virtualisation and sharing of resources and processes, owned, managed and used by multiple organisations and individuals from across the globe. Originally born out of the needs of high-end scientific investigations, this model of computing has come to be used in a wide range of areas including scientific research, engineering, business, finance and manufacturing. Grids consist of distributed heterogeneous resources such as high-end supercomputers, clusters, storage repositories, databases and scientific instruments connected by high-speed networks thereby representing a wide variety of computing platforms and software systems.
    [Show full text]
  • Macos Installation Notes 1 Gatekeeper Proximity on Macos the Following Are Some Important Notes Regarding Proper Gatekeeper Operation on Macos
    macOS Post-Installation Guide Untethered Labs, Inc. [email protected] GateKeeper for macOS Installation Notes 1 GateKeeper Proximity on macOS The following are some important notes regarding proper GateKeeper operation on macOS. Due to certain constraints regarding user authentication on macOS computers, the GateKeeper software needs a few modifications made to the macOS environment to give you the most seamless and satisfactory experience. 1.1 Supported macOS Versions GateKeeper is only supported on macOS 10.13 (High Sierra) and 10.14 (Mojave). 1.2 Post-Installation Restart After installation, a restart of the Mac is required. The automatic and button lock functions may fail to work until the Mac is restarted. 1.3 Login Screen Options We recommend setting “Displaying login window as” to “Name and password” for best usability. This can be changed from the “Users & Groups” settings menu, in the “Login Options” tab. Skipping this step will not affect Gatekeeper functionality but will improve the appearance of the login window thus improving usability. 1.4 Fast User Switching Gatekeeper uses fast-user switching when locking the screen and changing users. We recommend users turn on fast user switching and use this feature if they intend to suspend their session manually instead of using the lock screen. GateKeeper can only log in a user from the login window. Fast user switching can be enabled from the “Users & Groups” settings menu under the “Login Options” tab. Set “Show fast user switching menu as” to “Full Name”. Note that if you use the fast user switch menu to switch users directly (without going to the login window), GateKeeper will NOT automatically connect to that user.
    [Show full text]